function main($id, $mode) { global $db, $cache, $config, $user, $lang, $auth, $template, $cms_admin; add_permission_language(); include_once IP_ROOT_PATH . 'includes/class_auth_admin.' . PHP_EXT; $auth_admin = new auth_admin(); $submit = isset($_POST['submit']) ? true : false; $role_id = request_var('role_id', 0); $action = request_var('paction', ''); $action = isset($_POST['add']) ? 'add' : $action; $form_name = 'acp_permissions'; add_form_key($form_name); $this->tpl_name = 'cms_permissions_roles.tpl'; $this->u_action = append_sid($cms_admin->root . '?mode=auth&rmode=' . $mode . '&roles_admin=1'); switch ($mode) { case 'admin_roles': $permission_type = 'a_'; $this->page_title = 'ACP_ADMIN_ROLES'; break; case 'cms_roles': $permission_type = 'cms_'; $this->page_title = 'ACP_CMS_ROLES'; break; case 'forum_roles': $permission_type = 'f_'; $this->page_title = 'ACP_FORUM_ROLES'; break; case 'mod_roles': $permission_type = 'm_'; $this->page_title = 'ACP_MOD_ROLES'; break; case 'plugins_roles': $permission_type = 'pl_'; $this->page_title = 'ACP_PLUGINS_ROLES'; break; case 'user_roles': $permission_type = 'u_'; $this->page_title = 'ACP_USER_ROLES'; break; default: trigger_error('NO_MODE', E_USER_ERROR); break; } $template->assign_vars(array('L_TITLE' => $user->lang[$this->page_title], 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'])); // Take action... admin submitted something if ($submit || $action == 'remove') { switch ($action) { case 'remove': if (!$role_id) { trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING); } $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . ' WHERE role_id = ' . $role_id; $result = $db->sql_query($sql); $role_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$role_row) { trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING); } if (confirm_box(true)) { $this->remove_role($role_id, $permission_type); $role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_name); trigger_error($user->lang['ROLE_DELETED'] . page_back_link($this->u_action)); } else { $s_hidden_fields = array('i' => $id, 'pmode' => $mode, 'role_id' => $role_id, 'paction' => $action); confirm_box(false, 'DELETE_ROLE', build_hidden_fields($s_hidden_fields)); } break; case 'edit': if (!$role_id) { trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING); } // Get role we edit $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . ' WHERE role_id = ' . $role_id; $result = $db->sql_query($sql); $role_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$role_row) { trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING); } // no break; // no break; case 'add': if (!check_form_key($form_name)) { trigger_error($user->lang['FORM_INVALID'] . page_back_link($this->u_action), E_USER_WARNING); } $role_name = utf8_normalize_nfc(request_var('role_name', '', true)); $role_description = utf8_normalize_nfc(request_var('role_description', '', true)); $auth_settings = request_var('setting', array('' => 0)); if (!$role_name) { trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . page_back_link($this->u_action), E_USER_WARNING); } if (utf8_strlen($role_description) > 4000) { trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . page_back_link($this->u_action), E_USER_WARNING); } // if we add/edit a role we check the name to be unique among the settings... $sql = 'SELECT role_id FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\t\tAND role_name = '" . $db->sql_escape($role_name) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // Make sure we only print out the error if we add the role or change it's name if ($row && ($mode == 'add' || $mode == 'edit' && $role_row['role_name'] != $role_name)) { trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . page_back_link($this->u_action), E_USER_WARNING); } $sql_ary = array('role_name' => (string) $role_name, 'role_description' => (string) $role_description, 'role_type' => (string) $permission_type); if ($action == 'edit') { $sql = 'UPDATE ' . ACL_ROLES_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE role_id = ' . $role_id; $db->sql_query($sql); } else { // Get maximum role order for inserting a new role... $sql = 'SELECT MAX(role_order) as max_order FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'"; $result = $db->sql_query($sql); $max_order = (int) $db->sql_fetchfield('max_order'); $db->sql_freeresult($result); $sql_ary['role_order'] = $max_order + 1; $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); $db->sql_query($sql); $role_id = $db->sql_nextid(); } // Now add the auth settings $auth_admin->acl_set_role($role_id, $auth_settings); $role_name = !empty($user->lang[$role_name]) ? $user->lang[$role_name] : $role_name; add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name); trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . page_back_link($this->u_action)); break; } } // Display screens switch ($action) { case 'add': $options_from = request_var('options_from', 0); $role_row = array('role_name' => utf8_normalize_nfc(request_var('role_name', '', true)), 'role_description' => utf8_normalize_nfc(request_var('role_description', '', true)), 'role_type' => $permission_type); if ($options_from) { $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o WHERE o.auth_option_id = p.auth_option_id AND p.role_id = ' . $options_from . ' ORDER BY p.auth_option_id'; $result = $db->sql_query($sql); $auth_options = array(); while ($row = $db->sql_fetchrow($result)) { $auth_options[$row['auth_option']] = $row['auth_setting']; } $db->sql_freeresult($result); } else { $sql = 'SELECT auth_option_id, auth_option FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "\n\t\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\t\tORDER BY auth_option_id"; $result = $db->sql_query($sql); $auth_options = array(); while ($row = $db->sql_fetchrow($result)) { $auth_options[$row['auth_option']] = ACL_NO; } $db->sql_freeresult($result); } // no break; // no break; case 'edit': if ($action == 'edit') { if (!$role_id) { trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING); } $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . ' WHERE role_id = ' . $role_id; $result = $db->sql_query($sql); $role_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o WHERE o.auth_option_id = p.auth_option_id AND p.role_id = ' . $role_id . ' ORDER BY p.auth_option_id'; $result = $db->sql_query($sql); $auth_options = array(); while ($row = $db->sql_fetchrow($result)) { $auth_options[$row['auth_option']] = $row['auth_setting']; } $db->sql_freeresult($result); } if (!$role_row) { trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING); } $template->assign_vars(array('S_EDIT' => true, 'U_ACTION' => $this->u_action . "&paction={$action}&role_id={$role_id}", 'U_BACK' => $this->u_action, 'ROLE_NAME' => $role_row['role_name'], 'ROLE_DESCRIPTION' => $role_row['role_description'], 'L_ACL_TYPE' => $user->lang['ACL_TYPE_' . strtoupper($permission_type)])); // We need to fill the auth options array with ACL_NO options ;) $sql = 'SELECT auth_option_id, auth_option FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "\n\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\tORDER BY auth_option_id"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if (!isset($auth_options[$row['auth_option']])) { $auth_options[$row['auth_option']] = ACL_NO; } } $db->sql_freeresult($result); // Unset global permission option unset($auth_options[$permission_type]); // Display auth options $this->display_auth_options($auth_options); // Get users/groups/forums using this preset... if ($action == 'edit') { $hold_ary = $auth_admin->get_role_mask($role_id); if (sizeof($hold_ary)) { $role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; $template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true, 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))); $auth_admin->display_role_mask($hold_ary); } } return; break; case 'move_up': case 'move_down': $order = request_var('order', 0); $order_total = $order * 2 + ($action == 'move_up' ? -1 : 1); $sql = 'UPDATE ' . ACL_ROLES_TABLE . ' SET role_order = ' . $order_total . " - role_order\n\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\tAND role_order IN ({$order}, " . ($action == 'move_up' ? $order - 1 : $order + 1) . ')'; $db->sql_query($sql); break; } // By default, check that role_order is valid and fix it if necessary $sql = 'SELECT role_id, role_order FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC"; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { $order = 0; do { $order++; if ($row['role_order'] != $order) { $db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = {$order} WHERE role_id = {$row['role_id']}"); } } while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); // Display assigned items? $display_item = request_var('display_item', 0); // Select existing roles $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC"; $result = $db->sql_query($sql); $s_role_options = ''; while ($row = $db->sql_fetchrow($result)) { $role_name = !empty($user->lang[$row['role_name']]) ? $user->lang[$row['role_name']] : $row['role_name']; $template->assign_block_vars('roles', array('ROLE_NAME' => $role_name, 'ROLE_DESCRIPTION' => !empty($user->lang[$row['role_description']]) ? $user->lang[$row['role_description']] : nl2br($row['role_description']), 'U_EDIT' => $this->u_action . '&paction=edit&role_id=' . $row['role_id'], 'U_REMOVE' => $this->u_action . '&paction=remove&role_id=' . $row['role_id'], 'U_MOVE_UP' => $this->u_action . '&paction=move_up&order=' . $row['role_order'], 'U_MOVE_DOWN' => $this->u_action . '&paction=move_down&order=' . $row['role_order'], 'U_DISPLAY_ITEMS' => $row['role_id'] == $display_item ? '' : $this->u_action . '&display_item=' . $row['role_id'] . '#assigned_to')); $s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>'; if ($display_item == $row['role_id']) { $template->assign_vars(array('L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))); } } $db->sql_freeresult($result); $template->assign_vars(array('S_ROLE_OPTIONS' => $s_role_options)); if ($display_item) { $template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true)); $hold_ary = $auth_admin->get_role_mask($display_item); $auth_admin->display_role_mask($hold_ary); } }